KOALITY PRIVACY POLICY
PRIVACY POLICY
With this privacy notice, Koality GmbH (Koality or we) informs you how we collect, use, disclose and otherwise process personal data. Other privacy notices, individual notices or information may apply to specific matters. Personal data is understood to be all information that relates to a specific or identifiable natural person.
DATA CONTROLLER AND CONTACT DETAILS
The controller of the data processing described in this privacy notice is Koality. You can notify us of any data protection-related concerns using the following contact details:
Koality GmbH
KreidenbĂĽhlstrasse 7
8606 Nänikon
COLLECTION AND PROCESSING OF PERSONAL DATA
We process personal data that we receive from you, our clients and their employees, business partners, from authorities or other third parties. Insofar as it is permitted to us, we may also obtain certain personal data from publicly accessible sources.
The categories of personal data that we collect and process about you may include, in particular, the following:
Personal information and contact details, such as name, address, telephone number, e-mail address, date of birth, nationality, location, gender, pictures, professional functions and activities, education, qualifications, information on family members, relatives and related or affiliated persons, affiliations with third parties;
Employment information, such as your resume and job application materials (provided you apply for a job with us);
Information contained in communication and other interactions with us, such as correspondence by letter or e-mail or through other means of communication with you or with third parties;
Financial information, such as invoicing information, payment details, bank details, information relating to insurance, financial situation;
Data related to marketing activities, such as preferences and interests, newsletter opt-ins and opt-outs, responses to marketing activities, invitations and participation in events and activities;
Data related to the use of our website and other applications, such as connection data, IP address and other identifiers (e.g. user name in social media, MAC address of the smartphone or computer, data from cookies and similar technologies), date and time of the visit to our website, duration of the visit to the website, requested internet address (URL), referrer URL (i.e. the internet address of the website from which you accessed our website, if applicable with the search term used), browser type and version, operating system used, amount of data sent in bytes, and the search term used, location data, pages and content accessed, functions used;
Data obtained from public registers and other public sources, such as the debt enforcement register, credit rating directories, land register, commercial register, media and internet.
PURPOSES OF DATA PROCESSING AND LEGAL BASES
We may process personal data in accordance with applicable data protection law for the following purposes and, if necessary under applicable data protection law, on the basis of the following legal bases:
For the performance of contracts and provide the services you request: We process personal data in connection with the conclusion and performance of contracts with our clients and business partners, in particular in the context of providing recruitment services to our clients (which may include the performance of background checks), evaluating job applications (provided a candidate applies for a job with us) and the procurement of products and services from our suppliers and subcontractors, as well as in order to comply with our legal obligations relating thereto;
To communicate with you: We process data in order to communicate with you about our website, our services and job offers/applications that may be relevant to you;
To fulfill legal obligations: We process personal data in order to comply with our legal or regulatory obligations. Processing purposes include, but are not limited to documenting compliance with legal and regulatory requirements;
- To safeguard legitimate interests: We process personal data for the following purposes if this is necessary to protect the legitimate interests of us or of third parties or to protect legitimate public interests:
providing and developing our services and website, applications and other platforms, on which we are active;
communication with third parties and the processing of their requests (e.g. media inquiries);
advertising and marketing (including organizing events), provided that you have not objected to the use of your data for this purpose;
ensuring our business operations, including our IT, our websites, apps and other appliances;
Based on your consent: If you have given us consent to process your personal data for certain purposes, we process your personal data within the scope of and based on this consent, unless we have another legal basis and we require such a basis.
DISCLOSURE OF PERSONAL DATA TO OTHER PERSONS
We will not trade or sell your personal data to third parties.
Prior to disclosing your personal data with third parties, Koality ensures that they:
Provide adequate safeguards for data protection;
Enter a data processing agreement compliant with applicable data protection regulation.
Koality conducts regular due diligence on third-parties to verify their compliance with applicable data protection regulation and best practices.
We may disclose your personal data to the following types of third parties:
Companies who are looking for candidates, in particular in relation to job vacancies;
Background check providers, which may verify your employment history and qualifications;
Payroll providers, which may facilitate employment contracts and salary payments;
Service providers, business partners and suppliers we work with (such as banks and insurance companies) who in particular help us operate our website and provide our services.
Payment processors who process your payments;Regulatory authorities who require us to disclose your personal data to comply with applicable laws and regulations;
The Public, including users of our website and social media.
Please note that certain other persons may act as independent data controllers or process personal data for their own purposes (e. g. providers of cloud and other IT services).
DISCLOSURE OF PERSONAL DATA ABROAD
Recipients of personal data may be located in Switzerland or abroad. We may disclose personal data to recipients in the EU/EEA, the UK, the USA or any other country of the world, whereby the location of the recipient depends on the matter at hand.
If we disclose personal data to a country without adequate data protection legislation, we will ensure that this is done in compliance with applicable date protection law. We ensure adequate protection, namely by means of sufficient contractual guarantees such as the standard contractual clauses of the European Commission or by relying on another legal transfer tool. By providing your personal data, you consent to such transfers, storage, or processing.
DURATION OF THE RETENTION OF PERSONAL DATA
We process and store personal data as long as it is necessary for the processing purpose for which we collected it. Typically, this is for the term of our business relation and thereafter, as long as we have a legitimate interest in retaining the information. In addition, there may be a contractual or legal obligation to retain or document data (e.g. in accordance with the Swiss Code of Obligations, Value Added Tax Act, etc.).
RIGHTS OF DATA SUBJECT
If you want to know what personal data we hold about you or wish for it to be deleted, please reach out to us at info@koality.ch.
In certain circumstances, you possess these data protection rights:
Access: You can ask for details about your personal data we have;
Rectification: If the data is inaccurate or incomplete, you can request corrections;
Objection: You can contest the use of your data for specific reasons; for instance, using the unsubscribe option in our emails;
Restriction: You can ask us to limit the processing of your data;
Data Portability: Request a copy of your data from us in a standard, machine-readable format;
Withdraw Consent: Should we process data based on your consent, you can retract it anytime.
Please understand we might ask you to confirm your identity before acting on these requests. If unsatisfied with how we handle your data, you can report to your local data protection authority.
COOKIES, TRACKING AND OTHER TECHNOLOGIES RELATED TO THE USE OF OUR WEBSITE
We may use cookies and similar technologies on our website and with respect to our marketing communication that allow us to store information on your device and/or access information stored on your device or to receive information on your response to website offerings and other marketing activities, including. In addition, we use Google Analytics on our website. This is a service of Google (google.com), with which we can measure and evaluate the use of the website. Permanent cookies that Google sets are also used for this purpose. Google does not receive any personal data from us (and does not retain any IP addresses), but it can track your use of the website. Further information on Google Analytics and the data processed can be found here: https://support.google.com/analytics/answer/6004245.
By using our websites, apps and consenting to receive newsletters and other marketing emails, you accept the use of the above mentioned technologies. If you do not wish to do so, you can block or delete the cookies and similar technologies via the privacy settings of your browser and e-mail program, whereby this may under certain circumstances affect the use of our website.
DATA SECURITY AND POLICY
We take appropriate technical and organizational security measures to protect your personal data from unauthorized access and misuse, such as the issuance of warnings, training, IT and network security solutions, access controls and restrictions, encryption of data media and transmissions, pseudonymization, controls.
In particular:
All personal data is stored in encrypted databases;
Only authorized personnel with a legitimate need to know have access to personal data;
We use up-to-date firewalls, intrusion detection systems, and antivirus software;
All staff undergo data protection training and are aware of their responsibilities;
In case of a data breach, Koality GmbH will notify the Swiss Federal Data Protection and Information Commissioner (FDPIC) and affected individuals within 72 hours of discovering the breach if required;
We conduct regular audits of our data processing systems to ensure compliance with GDPR and maintain the highest security standards.
CHANGES TO THIS POLICY
We may update this privacy policy from time to time to reflect changes in our practices or applicable laws. Please review it periodically for any changes. If we make any material changes, we will notify you by email or by posting a notice on our website.